Java

What is Java?

Java Platform, Standard Edition or Java SE is a widely used platform for programming in the Java language. It is the Java Platform used to deploy portable applications for general use. In practical terms, Java SE consists of a virtual machine, which must be used to run Java programs, together with a set of libraries (or "packages") needed to allow the use of file systems, networks, graphical interfaces, and so on, from within those programs.

Why do I need Java?

There are lots of applications and websites that won't work unless you have Java installed, and more are created every day. Java is fast, secure, and reliable. From laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere.
You need java for Javascripts, Java-Applets, .jar-files and many applications.

Why should I have the latest version?

The latest Java version contains important enhancements to improve performance, stability and security of the Java applications that run on your machine. Installing the latest update will ensure that your Java applications continue to run safely and efficiently.
You should regularly update Java for avoid bad things like getting hacked, computer crashes, instability, performance slowdown, etc. . If your computer is somewhat older and Java-applications take all system resources, an update may improve the performance of all java-based programs. Keep also in mind that running older versions of any software, and especially software like Java, is a security risk.

Where to get Java

You can download the latest version of Java for your computer at the official website:
http://www.java.com/en/download/index.jsp

Privacy & Java

When using proxies (IP:Port proxies or Webproxies), your real IP can be revealed by Java. This means, every website that uses Java can identify you online. You can test this @ IP-score.com.
To avoid this, you can disable Javascript either in your browser's settings (in case you're using IP:Port proxies).
Or disable Javascript in the settings of your webproxy (*[http://hidemyass.com/proxy @ "Advanced option")

The same goes for Flash, Silverlight, Windows Media Player and several other plugins/add-ons. They all might reveal your real identity. The reason for this is that a usual proxy works only within your browser; but plugins and add-ons work like independent applications, so your proxy may get ignored by them. Note: This can happen only with webproxies and IP:Port proxies. When using HMA's Pro VPN service, your real IP will be safe in these cases.

Further problems foreseen for Oracle’s Java

It’s been something of a bad start to the year for Oracle and it doesn’t look likely that it’ll be getting any better any time soon.  Security firm FireEye has uncovered yet another zero-day exploit affecting Oracle’s Java software adding to a long list of flaws that have already been discovered.
Researchers from FireEye say that the vulnerability has already been used to ‘attack multiple customers’ and can be exploited in browsers that have Java v1.6 Update 41 or Java v1.7 Update 15 installed – the latest, supposedly patched, versions of the plug-in.  FireEye warns that this newest flaw is being used to install a remote-access Trojan called McRat and says that it’s a different exploit to the one that caused major security breaches at Facebook, Apple and Twitter recently. McRat is a Windows Trojan and so, although it’s unclear so far whether the flaw affects only Windows or whether computers that run on Linux and Mac OS X are also susceptible, the ‘in the wild’ attacks are only specifically targeting Windows users.
Java’s last update was applied on 19th February and despite being a scheduled release that only targeted 5 security flaws, it followed an emergency update that patched 50 vulnerabilities.  The bad news for everyone that applied these updates hoping that their worries would disappear is that security researchers from Kaspersky Lab last week claimed that the exploit worked in the most recent update of Java (Update 15) but appeared to fail in older ones – such as Update 10.  The only positive news that FireEye is able to offer is that the exploit doesn’t seem to be very reliable as it tries to overwrite large chunks of memory and often ends up causing a Java Virtual Machine crash.
In case you're reading this now on a Java-enabled browser, the current advice is to uninstall or disable Java or set your security settings to ‘High’ when you need to use it. If you’re concerned about online security more generally, then investing in a VPN service will give you an extra level of protection. If your VPN is enabled while you browse the internet, your system is less likely to be exploited by hackers.